From 2ad08a6a0554b1166520b40d503fca5973672870 Mon Sep 17 00:00:00 2001 From: Erik Olof Gunnar Andersson Date: Fri, 23 Aug 2019 16:02:13 -0700 Subject: [PATCH] Fix ipv6 bugs with devstack and pdns4 driver * Change dns backends and pools.yaml to use ipv6 addresses not wrapped in brackets. * Changed MySQL backends to use MYSQL_HOST. * Fixed bug in pdns4 driver not allowing masters to use an ipv6 address. Depends-On: https://review.opendev.org/#/c/678324/ Change-Id: I8f469e732618732f5417c1b5e6c2049eaa83ea78 --- designate/backend/impl_pdns4.py | 9 ++++- designate/tests/unit/backend/test_pdns4.py | 39 ++++++++++++++++++- devstack/designate_plugins/backend-agent | 8 ++-- .../designate_plugins/backend-agent-knot2 | 8 ++-- .../designate_plugins/backend-agent-msdns | 2 +- devstack/designate_plugins/backend-bind9 | 15 +++---- devstack/designate_plugins/backend-infoblox | 2 +- devstack/designate_plugins/backend-pdns4 | 17 ++++---- devstack/designate_plugins/backend-powerdns | 12 +++--- 9 files changed, 78 insertions(+), 34 deletions(-) diff --git a/designate/backend/impl_pdns4.py b/designate/backend/impl_pdns4.py index 32ff982d7..576dddd5c 100644 --- a/designate/backend/impl_pdns4.py +++ b/designate/backend/impl_pdns4.py @@ -11,6 +11,7 @@ # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. +import netaddr import requests from oslo_config import cfg from oslo_log import log as logging @@ -54,8 +55,12 @@ class PDNS4Backend(base.Backend): def create_zone(self, context, zone): """Create a DNS zone""" - masters = \ - ['%s:%d' % (master.host, master.port) for master in self.masters] + masters = [] + for master in self.masters: + host = master.host + if netaddr.IPAddress(host).version == 6: + host = '[%s]' % host + masters.append('%s:%d' % (host, master.port)) data = { "name": zone.name, diff --git a/designate/tests/unit/backend/test_pdns4.py b/designate/tests/unit/backend/test_pdns4.py index 595bd88d2..2439d7f22 100644 --- a/designate/tests/unit/backend/test_pdns4.py +++ b/designate/tests/unit/backend/test_pdns4.py @@ -12,11 +12,11 @@ import mock import requests_mock -import designate.tests from designate import exceptions from designate import objects from designate.backend import impl_pdns4 from designate.mdns import rpcapi as mdns_rpcapi +import designate.tests from designate.tests import fixtures @@ -80,6 +80,43 @@ class PDNS4BackendTestCase(designate.tests.TestCase): mock_notify_zone_changed.assert_called_with( self.context, self.zone, '127.0.0.1', 53, 30, 15, 10, 5) + @requests_mock.mock() + @mock.patch.object(mdns_rpcapi.MdnsAPI, 'notify_zone_changed') + def test_create_zone_ipv6(self, req_mock, mock_notify_zone_changed): + self.target['masters'] = [ + {'host': '2001:db8::9abc', 'port': 53}, + ] + + self.backend = impl_pdns4.PDNS4Backend( + objects.PoolTarget.from_dict(self.target) + ) + + req_mock.post( + '%s/localhost/zones' % self.base_address, + ) + req_mock.get( + '%s/localhost/zones/%s' % (self.base_address, self.zone.name), + status_code=404, + ) + + self.backend.create_zone(self.context, self.zone) + + self.assertEqual( + req_mock.last_request.json(), + { + 'kind': u'slave', + 'masters': ['[2001:db8::9abc]:53'], + 'name': u'example.com.', + } + ) + + self.assertEqual( + req_mock.last_request.headers.get('X-API-Key'), 'api_key' + ) + + mock_notify_zone_changed.assert_called_with( + self.context, self.zone, '127.0.0.1', 53, 30, 15, 10, 5) + @requests_mock.mock() def test_create_zone_already_exists(self, req_mock): req_mock.post( diff --git a/devstack/designate_plugins/backend-agent b/devstack/designate_plugins/backend-agent index e2579dc49..dd883d50e 100644 --- a/devstack/designate_plugins/backend-agent +++ b/devstack/designate_plugins/backend-agent @@ -49,7 +49,7 @@ function configure_designate_backend { priority: 1 nameservers: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_DNS targets: @@ -57,17 +57,17 @@ function configure_designate_backend { description: Agent Instance masters: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_MDNS options: - host: $DESIGNATE_SERVICE_HOST + host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_AGENT EOF # Configure Agent Settings iniset $DESIGNATE_CONF service:agent backend_driver $DESIGNATE_AGENT_BACKEND_DRIVER - iniset $DESIGNATE_CONF service:agent host $DESIGNATE_SERVICE_HOST + iniset $DESIGNATE_CONF service:agent host $(ipv6_unquote $DESIGNATE_SERVICE_HOST) iniset $DESIGNATE_CONF service:agent port $DESIGNATE_SERVICE_PORT_AGENT iniset $DESIGNATE_CONF service:agent masters "$DESIGNATE_SERVICE_HOST:$DESIGNATE_SERVICE_PORT_MDNS" diff --git a/devstack/designate_plugins/backend-agent-knot2 b/devstack/designate_plugins/backend-agent-knot2 index 88d41e396..da16c3468 100644 --- a/devstack/designate_plugins/backend-agent-knot2 +++ b/devstack/designate_plugins/backend-agent-knot2 @@ -72,12 +72,12 @@ EOF sudo test -f /var/lib/knot/confdb/data.mdb # Create the configuration - MINIDNS_IPADDR=$DESIGNATE_SERVICE_HOST + MINIDNS_IPADDR=$(ipv6_unquote $DESIGNATE_SERVICE_HOST) sudo knotc conf-begin - sudo knotc conf-set server.listen $DESIGNATE_SERVICE_HOST@$DESIGNATE_SERVICE_PORT_DNS + sudo knotc conf-set server.listen $(ipv6_unquote $DESIGNATE_SERVICE_HOST)@$DESIGNATE_SERVICE_PORT_DNS sudo knotc conf-set remote[minidns] - sudo knotc conf-set remote[minidns].address $DESIGNATE_SERVICE_HOST@$DESIGNATE_SERVICE_PORT_MDNS + sudo knotc conf-set remote[minidns].address $(ipv6_unquote $DESIGNATE_SERVICE_HOST)@$DESIGNATE_SERVICE_PORT_MDNS sudo knotc conf-set template[default] sudo knotc conf-set template[default].master minidns sudo knotc conf-set template[default].acl acl_minidns @@ -103,7 +103,7 @@ EOF sudo knotc zone-status localdomain echo "Testing Knot: this should return the daemon version" - dig @$DESIGNATE_SERVICE_HOST -p$DESIGNATE_SERVICE_PORT_DNS version.server CH TXT + dig @$(ipv6_unquote $DESIGNATE_SERVICE_HOST) -p$DESIGNATE_SERVICE_PORT_DNS version.server CH TXT } # init_designate_agent_backend - initialize databases, etc. diff --git a/devstack/designate_plugins/backend-agent-msdns b/devstack/designate_plugins/backend-agent-msdns index 1d459cef4..c2d047fb6 100644 --- a/devstack/designate_plugins/backend-agent-msdns +++ b/devstack/designate_plugins/backend-agent-msdns @@ -75,7 +75,7 @@ function configure_designate_agent_backend { description: MSDNS Agent Instance masters: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_MDNS options: diff --git a/devstack/designate_plugins/backend-bind9 b/devstack/designate_plugins/backend-bind9 index 117e1fbd3..8e714e722 100644 --- a/devstack/designate_plugins/backend-bind9 +++ b/devstack/designate_plugins/backend-bind9 @@ -97,7 +97,7 @@ function configure_designate_backend { priority: 1 nameservers: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_DNS targets: @@ -105,13 +105,13 @@ function configure_designate_backend { description: BIND Instance masters: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_MDNS options: - host: $DESIGNATE_SERVICE_HOST + host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_DNS - rndc_host: $DESIGNATE_SERVICE_HOST + rndc_host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) rndc_port: $DESIGNATE_SERVICE_PORT_RNDC rndc_config_file: $BIND_CFG_DIR/rndc.conf rndc_key_file: $BIND_CFG_DIR/rndc.key @@ -133,13 +133,14 @@ options { allow-new-zones yes; dnssec-validation auto; auth-nxdomain no; # conform to RFC1035 - listen-on port $DESIGNATE_SERVICE_PORT_DNS { $DESIGNATE_SERVICE_HOST; }; + listen-on port $DESIGNATE_SERVICE_PORT_DNS { $HOST_IP; }; + listen-on-v6 port $DESIGNATE_SERVICE_PORT_DNS { $HOST_IPV6; }; recursion no; minimal-responses yes; }; controls { - inet $DESIGNATE_SERVICE_HOST port $DESIGNATE_SERVICE_PORT_RNDC allow { $DESIGNATE_SERVICE_HOST; } keys { "rndc-key"; }; + inet $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port $DESIGNATE_SERVICE_PORT_RNDC allow { $(ipv6_unquote $DESIGNATE_SERVICE_HOST); } keys { "rndc-key"; }; }; EOF @@ -149,7 +150,7 @@ include "$BIND_CFG_DIR/rndc.key"; options { default-key "rndc-key"; - default-server $DESIGNATE_SERVICE_HOST; + default-server $(ipv6_unquote $DESIGNATE_SERVICE_HOST); default-port $DESIGNATE_SERVICE_PORT_RNDC; }; EOF diff --git a/devstack/designate_plugins/backend-infoblox b/devstack/designate_plugins/backend-infoblox index 3ffbf1596..71fb20708 100644 --- a/devstack/designate_plugins/backend-infoblox +++ b/devstack/designate_plugins/backend-infoblox @@ -84,7 +84,7 @@ function configure_designate_backend { description: InfoBlox Cluster API masters: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_MDNS options: diff --git a/devstack/designate_plugins/backend-pdns4 b/devstack/designate_plugins/backend-pdns4 index d0cf01dd3..577421ac2 100644 --- a/devstack/designate_plugins/backend-pdns4 +++ b/devstack/designate_plugins/backend-pdns4 @@ -82,7 +82,7 @@ function configure_designate_backend { priority: 1 nameservers: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_DNS targets: @@ -90,11 +90,11 @@ function configure_designate_backend { description: PowerDNS Database Cluster masters: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_MDNS options: - host: $DESIGNATE_SERVICE_HOST + host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_DNS api_endpoint: http://$DESIGNATE_SERVICE_HOST:8081 api_token: changeme @@ -110,7 +110,8 @@ socket-dir=/var/run guardian=yes daemon=yes disable-axfr=no -local-address=$DESIGNATE_SERVICE_HOST +local-address=$HOST_IP +local-ipv6=$HOST_IPV6 local-port=$DESIGNATE_SERVICE_PORT_DNS master=no slave=yes @@ -119,8 +120,8 @@ query-cache-ttl=0 negquery-cache-ttl=0 out-of-zone-additional-processing=no webserver=yes -webserver-address=$DESIGNATE_SERVICE_HOST -webserver-allow-from=$DESIGNATE_SERVICE_HOST,127.0.0.1,::1 +webserver-address=$(ipv6_unquote $DESIGNATE_SERVICE_HOST) +webserver-allow-from=$(ipv6_unquote $DESIGNATE_SERVICE_HOST),127.0.0.1,::1 api=yes api-key=changeme EOF @@ -131,7 +132,7 @@ EOF launch=gmysql # gmysql parameters -gmysql-host=$DATABASE_HOST +gmysql-host=$MYSQL_HOST gmysql-user=$DATABASE_USER gmysql-password=$DATABASE_PASSWORD gmysql-dbname=designate_pdns @@ -142,7 +143,7 @@ EOF # Launch gpgsql backend launch=gpgsql -# gmysql parameters +# gpgsql parameters gpgsql-host=$DATABASE_HOST gpgsql-user=$DATABASE_USER gpgsql-password=$DATABASE_PASSWORD diff --git a/devstack/designate_plugins/backend-powerdns b/devstack/designate_plugins/backend-powerdns index 295ceccdc..008b952df 100644 --- a/devstack/designate_plugins/backend-powerdns +++ b/devstack/designate_plugins/backend-powerdns @@ -65,7 +65,7 @@ function configure_designate_backend { priority: 1 nameservers: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_DNS targets: @@ -73,11 +73,11 @@ function configure_designate_backend { description: PowerDNS Database Cluster masters: - - host: $DESIGNATE_SERVICE_HOST + - host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_MDNS options: - host: $DESIGNATE_SERVICE_HOST + host: $(ipv6_unquote $DESIGNATE_SERVICE_HOST) port: $DESIGNATE_SERVICE_PORT_DNS connection: '`database_connection_url designate_pdns`' EOF @@ -92,7 +92,7 @@ socket-dir=/var/run guardian=yes daemon=yes disable-axfr=no -local-address=$DESIGNATE_SERVICE_HOST +local-address=$(ipv6_unquote $DESIGNATE_SERVICE_HOST) local-port=$DESIGNATE_SERVICE_PORT_DNS master=no slave=yes @@ -108,7 +108,7 @@ EOF launch=gmysql # gmysql parameters -gmysql-host=$DATABASE_HOST +gmysql-host=$MYSQL_HOST gmysql-user=$DATABASE_USER gmysql-password=$DATABASE_PASSWORD gmysql-dbname=designate_pdns @@ -119,7 +119,7 @@ EOF # Launch gpgsql backend launch=gpgsql -# gmysql parameters +# gpgsql parameters gpgsql-host=$DATABASE_HOST gpgsql-user=$DATABASE_USER gpgsql-password=$DATABASE_PASSWORD